Conversation with Alvin Tedjamulia on Big Law Business

Conversation with Alvin Tedjamulia on Big Law Business
  • Alvin,

    NetDocuments is one of the fastest growing legal tech companies of which I am aware (even though you've been around since 1999), without giving me a thousand words, what is your secret sauce?

  • The answer to that is actually very simple. Law Firms and professional services organizations are hungry for best-of-breed document and email services solutions which require very little overhead but ensure continuous technology modernity (through inheritance), high-user adoption, and simplicity. As a market pioneer in the legal cloud computing space, we have developed technology that simultaneously solves key issues:

    1. 1) Security: Risk mitigation on subpoena defense, protection against self, nation state attacks, ransomware, denial of services, data loss preventions, and auto inheritance of the major compliance certifications (SOC-2, ISO 27001/18, FIPS 140-2 Level 3, and GDPR).

    2. 2) High user adoption (approaching 100%) so the end-users can operate in any environment they choose. This is called transparent or invisible document management. The goal is not just to move users from “having to use DM” to loving DM” but to make the end-user think he/she is not using any DM at all.

    3. 3) Complete flexibility in document or matter storage, but ensure that the entire DM operates as one single library for the entire firm. Documents can be geographically scattered for data sovereignty (US, Germany, China, Brazil, Japan, etc.) according to matters, or stored on-premise or in the cloud. Documents can be stored in a NetDocuments private cloud, or in Azure, or in the Firm’s local datacenter (on-site), or in the Firm’s Client’s datacenters.

    4. 4) A single solution for matter project management, discussions threads, content governance, collaboration, machine learning, analytics, mature API, a readability available marketplace for technology, implementation, and training services, and cloud platform.
  • You didn’t mention this, but it’s an undercurrent of each of the points you highlighted: NetDocuments was built as a cloud first platform in 1999, so whereas iManage is trying to convert their solution to the cloud, NetDocuments can focus on building the best cloud product on the market. The steep growth is a by-product of firms trying to get off on-premise solutions and move to the cloud.

  • Zach,

    It’s interesting that up until 3 years ago our competitors used the “cloud” factor as the primary method to discredit NetDocuments, citing that the cloud is untrustworthy. Now just about every competitor claims that they, too, are “cloud,” except their cloud is based upon a single-tenancy architecture. As one who has deployed cloud solutions for 20 years across thousands of firms, hundreds of countries, and billions of documents, I know single tenancy and cloud are incompatible words. Single tenancy is simply a hosted model where the servers are located off-premises, and where the legacy three-tier architecture is basically preserved but complemented with a browser interface.

    A multi-tenant cloud means a single global service independent of geography (a Singapore Firm and a New York Firm run the same service), independent of time (a Firm which implemented NetDocuments 15 years ago runs the same service as one which implemented yesterday), and independent of size (a 3,000 lawyer firm runs the same software as a single-lawyer firm).

    We all know that cloud benefits include elasticity, total cost of ownership, time to market, reduction of CAPEX, near maintenance-free operations, and avoidance of complex upgrades. However, we usually don’t recognize that the cloud is the center of innovation (as the vast majority of technology R&D; goes to the cloud) and the center of security (entropic cryptography, dual-custody encryption, DLP, and best practices).

    In fact, I stand by the statement that based on cloud model efficiency only cloud vendors will survive long term. Firms will be compelled to choose the cloud because there will be no significant vendors left in business offering on-premises or hosted models in the future.

    There is also one key cloud advantage called “inheritance.” All of our users automatically inherit all innovations, without any major efforts, which is a sure way to “future proof” their technology platform. For example: (1) our brand-new User Experience introduced in Sept 2017 is now deployed and inherited by 100% of our users; (2) our new ISO 27018 certification and HIPPA Hitech attestation attained in Q4/2017 are now inherited by 100% of our firms, and (3) our new Hardware Security Module (HSM) deployed in mid-2017 for multi-layer or dual-custody encryption is inherited by 100% of our documents. If there were no single global multi-tenant service, how long would it take for all users, all firms, and all documents to inherit new enhancements?

    The challenge for the rest of the industry participants who were late cloud adopters is the fact that it literally takes a decade to architect, code, scale, secure, and stabilize a service capable of supporting billions of documents being accessed by hundreds of thousands of users by thousands of firms. The technology stack is so fundamentally different than the legacy three-tier-architecture. The engineers and architects need to rethink everything, the IT department needs to learn how to listen to cloud data, the management team must restructure the company, and the investors have to start from ground zero.

    Prior to 2015, the industry went through the “pioneering” stage of cloud adoption. In the past three years, the industry has entered the early adopter stage. Today, with 20% of the Am Law 200 firms already deploying cloud DMS, and with 1.8 firms joining NetDocuments every business day, we are seeing the early majority phase of cloud adoption.
  • So much to unpack here, but why don’t we start with security. Many folks are nervous about the cloud and I’ve heard eDiscovery vendors say something to the effect of “my customers like to know where their data is stored.”

    How do you explain in simple terms why this approach is so flawed?
  • Yes, indeed you’re correct, people are still nervous about the cloud and they ask the question “where is my data stored?” The implications of this question are twofold: (1) the assumption that an on-premise location is safer than the cloud and (2) the assumption that the specific cloud location needs to be well understood.

    We’ll start with the simple answer to your question and then explain in detail why the ‘where’s my data stored’ concept is very much flawed for NetDocuments.

    So, in responding to the question “where is my data stored?” The correct answer is “anywhere you want” in the cloud or on-premise, And, the storage location can be different by matter or project, And, regardless of where your persistent choice of storage is, you will have the peace of mind that all data is protected with the best back-end security and end-user protection, And, regardless of the number of physical storage locations for the Firm, there is only a single global library for the entire document set.

    There are legitimate reasons for asking the question “where is my data?” if your concern is data sovereignty or client consent requirements. However, asking that question for risk mitigation is flawed because of two reasons.

    -- A general market miss-understanding exists that a Cloud Service such as NetDocuments requires exclusively cloud storage for documents, emails, and discussion threads. In reality, NetDocuments allows complete storage flexibility with the exact location to be determined by the firm or their client and allocated at the matter or project level.

    We call this ndFlexStore which allows the freedom to choose storage locations by project. The Firm can choose locations by matter such as (1) in the NetDocuments Cloud [in US, or Europe, or Australia]; or (2) in any Microsoft Azure cloud location [such as Switzerland, or Middle East, or China]; or (3) in any on-premise location hosted by the Firm [anywhere in the world], or (4) in any on-premise location hosted by the Firm’s clients. So the question “where is the data stored?” is actually irrelevant, because NetDocuments can accommodate any combination of data storage depending on the customer, client, or geographic regulatory restrictions. Some matters or projects can be in the cloud, while others can be on-premise.

    The irresistible concept here is that all content is under a single document library, regardless of the number of geographical physical locations, so the Firm can have global collaborative Workspaces across countries, one single global search index, and one single folder topology structure, therefore preserving the crucial requirement for the Firm to operate as a single global organization, instead of multiple sub-groups segregated by physically separate document libraries. And, it is completely seamless and invisible to the end-user; unlike disparate libraries, users do not have to know where data is physically stored.

    This means: any client demand for document residency, any government regulation for data sovereignty, any compliance requirement for export control, or any internal governance policy prescription for physical storage can be simultaneously serviced, even if they are incongruent across matters or projects, geographically dispersed offices, or client-specific demands.

    -- Many erroneously assume that data storage locations are safer than others, due to differences in perimeter protection, network defense, or on-site physical security. This would be true if we disregard the NetDocuments encryption technology. The unequivocal reality is that because of entropic dual-custody data cryptography, any physical location is homogeneously secured. This makes the incredulous argument that a storage location in Fort Knox or a storage location at the Grand Central Station foyer have the same security. Physical data access means nothing. Even physical access to crypto keys means nothing. This is the beauty of the NetDocuments entropic dual-custody cryptography which is FIPS 140-2 Level 3 compliant (notice the Level 3, that’s the most important part). Yes, storage at the Grand Central Station foyer can be physically destroyed, yet no one can access or read the documents, even if they had the keys. With NetDocuments, the physical destruction of a storage location would not stop document availability because of replication or file striping across datacenters.

    Of course, we don’t store documents or emails in physically unsecured locations. We argue that there is no NetDocuments client who has an overall better perimeter defense, or security best practices, or ransomware protection, or network security, or segregation of duties, or distributed denial-of-service protection, or compliance certifications than NetDocuments.

    Take our compliance certifications for example. All NetDocuments customers can state that their document and email management services are compliant against the following security, availability, and privacy standards: ISO 27001, ISO 27018, GDPR, SOC 2 Level 2, SOC 2+ (Banking compliance), FIPS 140-2 Level, HIPAA Hitech, FINRA and SEC 17a, and soon ISO 27017, ITAR, FedRAMP, and others. Because NetDocuments is a single global service for all customers, every customer inherits these certifications automatically. Without this multi-tenant cloud infrastructure, every customer would have to certify against each of these security or privacy standards on their own, which would take an inordinate amount of time and cost.

    The crucial realization is that NetDocuments applies a level of security that is above all other forms of security described above. Every document is uniquely encrypted by a document key (for ransomware protection), which in turn can be encrypted by a firm managed encryption, plus a NetDocuments encryption key for dual custody cryptography (for subpoena defense and protection against self), with a fourth crypto processor key encrypting the former two, in the Hardware Security Module, which generates all random number keys based upon entropic means through quantum technology (for defense against nation state attacks). Because of the crypto processor and the HSM being rated at Level 3, a hacker with possession or the encrypted document plus the dual cypher keys would still be unable to open the document, because cypher decryption has to happen in the original HSM. This form of security is applied against all data locations, whether on-premise, or in Microsoft Azure, or in the NetDocuments Cloud.

    What is the conclusion here? Cloud services such as NetDocuments make it irrelevant to ask the question “where is the data physically stored?” Because ndFlexStore gives the Firm the freedom to store anywhere on-prem or in the cloud as determined by each matter or project, and because the same level of dual-custody entropic cryptography is applied to any storage location, thus homogenizing any persistent storage to the absolute best back-end security standard regardless of the physical or network storage safeguards.

    Another crucial technology on this subject is protection for the End-User via matter-based DLP (data loss protection) rules under a matter-based data classification. This is protection at any action level for any matter content, which goes well beyond access control and ethical walls. NetDocuments Cloud will deploy matter-based DLP under our Governance service later this year, creating the complete safeguard for back-end storage and end-user behavior, while offering the option for cloud or on-premise data storage. This approach sets a new standard for Cloud Technology and risk mitigation, making the question “where is my data?” much less important, and giving the huge flexibility to securely store anywhere.
  • No matter who you talk to, knowledge management is a major challenge for firms and law departments alike. I recall as an associate spending hours looking for precedent documents, and not having much success because in the heat of drafting, lawyers were not accustomed to then save and archive their documents for future use.

    This was back in 2012 (and admittedly I was using a competing product), what is NetDocuments doing today to make finding best precedent documents seamless?
  • A mature cloud-based document management platform treats files as intellectual assets for future discoverability. The goal is to transparently capture, profile, full-text index, entity extract, clause extract, risk detect, and ontologically classify documents and seamlessly access them in the future.

    To fully answer your question and back-up our statement above, let’s look at five areas of NetDocuments differentiation:

    1. If the goal is to seamlessly capture work to be used as future precedent, NetDocuments can do so transparently and invisibly with our Invisible Document Management concept. Regardless of a preferred user environment, NetDocuments is present: In NetDocuments terminology, if the user is working in a browser, the work is captured via ndWeb. If the user is working in Microsoft Office or Acrobat, the work is captured via ndOffice. If the user is working with emails in Outlook, the work is captured by ndMail. If the user is working in a mobile device, the work is captured by the NetDocuments iOS or Android apps. NetDocuments even has a built-in integration into Office-365, where, like One Drive, NetDocuments cloud services are built-in as a cloud storage provider for Microsoft Word, Excel, and PowerPoint. If the goal is to seamlessly capture work to be used as future precedent, NetDocuments can do so transparently and invisibly, even including offline access with NetDocuments file and device synchronization technology, ndSync™. Our high levels of adoption and low churn (both into the high 90%) are indication of usage across mediums and work styles of today’s legal professionals.

    2. Emails of course are also a rich source of intellectual assets for future precedence. NetDocuments recently released ndMail, predictive technology which seamlessly will profile an email and its attachments by analyzing available information and predicting the client, matter, and folder where it belongs. ndMail technology is based on machine learning and crowd predictions, from the previous corpus of similar digital files associated with a client and matter, and heuristically predicts the best possible matches for future reference.

    3. While all other major DMS providers have recently announced new full-text search technologies, NetDocuments has deployed its Solr-based ndSearch for seven years with billions of documents under management. The result is a robust search technology which won’t slow down under high-volume and deploys auto self-remediation during times of stress. This is extremely hard to accomplish and takes years of fine-tuning before it becomes battled-hardened for knowledge management.

    4. The full-text index can be greatly fine-tuned and enhanced as a knowledge management tool if it is also an entity extractor in addition to just plain indexer. KM must treat document text as “things” not “strings.” If the entities contained in documents, emails, and discussions threads can be identified as people’s names, companies, dates, financial amounts, titles, locations, and Personal Identifiable Information (PII), then the document contents would be elevated as relevant knowledge and managed as such, instead of just simple texts. Precedent accessibility is greatly enhanced if documents can be associated with its entities.

    5. Another NetDocument’s initiative is the deployment of an AI marketplace where multiple machine learning vendors can apply their heuristics technologies against NetDocuments contents, without moving the documents out of the secure repository. NetDocuments acknowledges that no single vendor in AI technology can capture the overall breadth and depth of machine learning functionality. Recently we have seen an explosion of good vendors doing contract analytics, clause extraction, M&A due diligence, litigation prediction, and other forms of AI. Some of these technologies can be very valuable for KM and precedent identification. NetDocuments exposes documents into the ever-growing AI marketplace which already includes a growing list of vendors such as Kira Systems and others.

    In summary, a proper content management infrastructure for precedent identification requires multiple approaches within the platform. These include: invisible document capture in every environment chosen by the user, for managing all relevant documents; intelligent predictive profiling, for ease of metadata creation and retrieval; a robust battled-hardened index and search technology enhanced with the ability to identify entities (things) not just text; a KM infrastructure with its specific global cabinet, future document redactor, and ontology classification; and an AI marketplace where machine learning technologies from multiple leading legal AI vendors can be applied to the repository.

    Law Firms began moving to the cloud in earnest in recent years. Driving this migration are: (1) risk mitigation such as security and cryptography; (2) battled-hardened cloud technology and its multi-tenancy capabilities; (3) invisibility and transparency of the application layer, supporting all critical OS, collaboration and teamwork; (4) governance technologies (data classification, data loss prevention, dual custody cryptography, geo-aware storage); and (5) knowledge management. While migration has been focused in the past on only pioneering firms, it is now happening within to the early majority phase.
  • Thanks for joining me Alvin, this was all very informative.